Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Is that a correct architecture

Hi every one,

In our company we have no cisco router and no firewall,

So we want to put somthing from cisco,and we have no ideas about which we should put first,router or Asa

the attachment shows the architecture we want but i don't know if it is correct and possible with the ASA 5515,

the best solution is to put a router for all wan connexions and the Asa behind it,

but if i put the ASA for all WAN  connexions (see attachment) , will i have a routing problems or it will be easy?

we want to have 2 ADSL and one leased line.if that is not possible we can just put one ADSL and one leased line,is that possible ?

we want also VPN connexions.IPsec.

VIP Purple

Re: Is that a correct architecture

In general, you can use both an ASA and also an IOS-router for that. A router will give you a much more flexible solution for traffic-control because the ASA doesn't have real policy based routing. But for incoming traffic all theee lines can be used. Only for outgoing traffic you should pick one of the lines as the default.

If you connect a router to the WAN-circuits, you could also use that router as the firewall. Of course you need the security-featureset on the router for that. With one router and one ASA behind each other you have two single points of failure.

Sent from Cisco Technical Support iPad App

Don't stop after you've improved your network! Improve the world by lending money to the working poor:
CreatePlease login to create content